Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93350B04CD1411EF8D436DA9762E951A.roa
File: 93350B04CD1411EF8D436DA9762E951A.roa (raw, json)
Hash identifier: 2WXXhuKjjZGNGd8NhIeJvs7bTRUB+FVIYXSfF55/cZ0=
Subject key identifier: 39:21:59:3A:B1:A7:E4:32:C3:9A:7C:AD:B2:4B:31:C9:9C:D6:0B:6A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD0F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93350B04CD1411EF8D436DA9762E951A.roa
Signing time: Tue 07 Jan 2025 16:29:32 +0000
ROA not before: Tue 07 Jan 2025 16:29:29 +0000
ROA not after: Mon 13 Dec 2027 16:29:29 +0000
asID: 17561
IP address blocks: 156.241.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64783 (0xfd0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:29:29 2025 GMT
Not After : Dec 13 16:29:29 2027 GMT
Subject: CN=677d566c-a8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:54:53:b1:d3:27:ae:00:a7:0e:2d:ce:26:16:
be:4e:1f:0c:4c:51:78:9f:7a:fe:56:4c:bc:3c:af:
a8:12:a9:a5:8d:30:03:de:64:6e:40:0c:14:1a:bd:
6d:e1:15:5b:25:d0:f4:f8:af:38:f3:fb:8d:eb:cf:
f9:37:2c:db:f8:24:44:8a:15:cc:bb:1f:ea:ff:2a:
f6:26:f2:91:42:93:37:2c:4a:1c:d8:53:63:cc:f5:
4b:7d:56:6b:87:62:e0:ed:2c:7d:12:51:78:af:90:
73:ac:19:85:92:26:a1:d5:69:72:aa:72:09:dd:d4:
2f:09:7d:ae:87:c8:39:fe:0d:5d:a1:47:73:2a:71:
12:d7:60:ce:f6:31:61:f7:6b:e1:35:99:0a:b5:d6:
f5:3d:b8:c5:c6:81:d2:85:9f:68:58:ab:2f:cf:86:
7e:05:31:f0:f1:c7:92:f3:2b:32:e4:87:54:b3:f4:
66:ed:aa:70:c6:94:de:89:0d:d7:7c:ea:f4:6d:84:
a3:ee:89:db:70:5b:c8:fc:97:c1:3d:4c:07:35:da:
f0:17:31:a8:4c:39:a7:32:b3:86:ce:72:1e:77:23:
73:8e:75:1e:a0:46:f7:f5:d6:2e:6e:74:9a:ed:ae:
8e:95:30:d1:b4:f2:fb:3f:ba:2d:f2:d7:db:2e:43:
17:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:21:59:3A:B1:A7:E4:32:C3:9A:7C:AD:B2:4B:31:C9:9C:D6:0B:6A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93350B04CD1411EF8D436DA9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.11.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:d3:7a:6f:16:ee:01:32:4c:d3:c9:c4:2f:0a:35:d7:26:d9:
e6:a8:6a:f8:7a:54:40:50:26:b5:86:c7:22:40:15:ea:59:2e:
d5:09:d0:14:be:7c:4e:3e:d2:c4:bd:7d:3a:a1:93:98:e0:d5:
25:de:67:69:58:84:c1:75:96:26:58:77:0d:21:0b:c4:87:20:
3b:02:70:ff:c7:c0:9b:bf:1d:86:ae:da:6f:ff:bf:00:60:14:
32:26:e7:8a:e4:bc:99:f8:ff:71:26:3a:98:c0:72:a0:02:fb:
d1:7a:f1:3a:9f:15:86:cc:f4:18:11:7f:1a:6b:91:19:05:14:
69:ca:6d:14:1f:f7:38:3f:4b:e2:d2:72:55:d0:e6:0e:af:ca:
11:10:ba:a6:29:6d:d5:34:90:64:5f:df:bf:2f:f6:6a:57:37:
4e:e2:09:51:5d:64:8c:ef:cc:7c:ab:f0:37:6a:ad:14:15:0f:
f4:c5:30:41:98:70:51:4c:ab:4c:ca:12:dd:af:43:5c:66:01:
99:a3:a8:f8:e9:d4:5d:4c:45:aa:41:ac:61:f3:cb:4b:39:c6:
bf:ae:7b:bd:e3:4b:2a:a4:a7:1f:94:b8:30:9d:83:a4:97:38:
b9:40:2e:0f:8f:8a:35:1c:08:75:e5:3f:86:30:d5:b7:12:9c:
77:7e:5e:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYyOTI5WhcNMjcxMjEzMTYyOTI5WjAYMRYw
FAYDVQQDEw02NzdkNTY2Yy1hOGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6VRTsdMnrgCnDi3OJha+Th8MTFF4n3r+Vky8PK+oEqmljTAD3mRuQAwU
Gr1t4RVbJdD0+K848/uN68/5Nyzb+CREihXMux/q/yr2JvKRQpM3LEoc2FNjzPVL
fVZrh2Lg7Sx9ElF4r5BzrBmFkiah1WlyqnIJ3dQvCX2uh8g5/g1doUdzKnES12DO
9jFh92vhNZkKtdb1PbjFxoHShZ9oWKsvz4Z+BTHw8ceS8ysy5IdUs/Rm7apwxpTe
iQ3XfOr0bYSj7onbcFvI/JfBPUwHNdrwFzGoTDmnMrOGznIedyNzjnUeoEb39dYu
bnSa7a6OlTDRtPL7P7ot8tfbLkMXxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDkh
WTqxp+Qyw5p8rbJLMcmc1gtqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MzM1MEIwNENEMTQxMUVGOEQ0MzZEQTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPELMA0GCSqGSIb3DQEBCwUA
A4IBAQBv03pvFu4BMkzTycQvCjXXJtnmqGr4elRAUCa1hsciQBXqWS7VCdAUvnxO
PtLEvX06oZOY4NUl3mdpWITBdZYmWHcNIQvEhyA7AnD/x8Cbvx2Grtpv/78AYBQy
JueK5LyZ+P9xJjqYwHKgAvvRevE6nxWGzPQYEX8aa5EZBRRpym0UH/c4P0vi0nJV
0OYOr8oRELqmKW3VNJBkX9+/L/ZqVzdO4glRXWSM78x8q/A3aq0UFQ/0xTBBmHBR
TKtMyhLdr0NcZgGZo6j46dRdTEWqQaxh88tLOca/rnu940sqpKcflLgwnYOklzi5
QC4Pj4o1HAh15T+GMNW3Epx3fl6l
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:19 2025 by rpki-client